Re: Providing catalog view to pg_hba.conf file - Patch submission

On 1/29/15 6:19 AM, Fabrízio de Royes Mello wrote:
> On Wed, Jan 28, 2015 at 5:27 PM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us <mailto:tgl(at)sss(dot)pgh(dot)pa(dot)us>> wrote:
> >
> > =?UTF-8?Q?Fabr=C3=ADzio_de_Royes_Mello?= <fabriziomello(at)gmail(dot)com <mailto:fabriziomello(at)gmail(dot)com>> writes:
> > > But I'm thinking about this patch and would not be interesting to have a
> > > FDW to manipulate the hba file? Imagine if we are able to manipulate the
> > > HBA file using INSERT/UPDATE/DELETE.
> >
> > Since the HBA file is fundamentally order-dependent, while SQL tables
> > are fundamentally not, that doesn't seem like a great API match. You
> > could probably brute-force something that would work, but it would very
> > much be a case of using a hammer to solve a screwdriver problem.
> >
>
> Maybe, but my intention is provide an easy way to edit HBA entries. With an extension or API to edit HBA entries many developers of PostgreSQL tools (ie. pgadmin, phppgadmin, etc) will be benefited.
>
> Perhaps a fdw can't be the best choice, maybe a complete new SQL syntax to manipulate HBA entries like we did with ALTER SYSTEM. It's just some thoughts about it.

Aside from Tom's concern about sets not being a good way to handle this (which I agree with), the idea of "editing" pg_hba.conf via SQL raises all the problems that were brought up when ALTER SYSTEM was being developed. One of the big problems is a question of how you can safely modify a text file that's full of comments and what-not. You'd need to address those issues if you hope to modify pg_hba.conf via SQL.
--
Jim Nasby, Data Architect, Blue Treble Consulting
Data in Trouble? Get it in Treble! http://BlueTreble.com